Updated readme with information about approval_prompt #14

wants to merge 1 commit into


None yet

2 participants


So, I'm a little confused about the approval_prompt parameter for oauth. I thought I'd receive a refresh token regardless of this parameter, however, when testing and authenticating my user account, it seems that I only receive the refresh_token when I include approval_prompt: 'force'. Anyways, I figured I'd document it.

monsur commented Mar 10, 2013

This is an OAuth2 specific detail which is already documented in the OAuth2 docs. Since the README already links to the docs, I don't think you need to mention this here. It may be better to start an auth or client best-practices guide in the wiki and put this type of information there.

Also note that the approval_prompt parameter should only dictate whether the user should be re-prompted for consent. This may be an unwanted side effect.


Yeah, on second thought I definitely agree that this is an OAuth2 concern and not the node client's.

Yeah that's why I'm so confused about the approval_prompt param because it says it's for re-prompting the user every time. However, it provides a refresh_token which I need in order to get new access_tokens after they expire. From the docs:

For example, a server-side web application would exchange the returned token for an access token and a refresh token. The access token would let the application authenticate requests on the user's behalf, and the refresh token would let the application retrieve a new access token when the original access token expires.

The example above is basically my situation since I am using a single youtube account to post videos on behalf of my application, so theoretically I'll only have to authenticate myself one time.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment